5.1

CVE-2006-3014

Exploit
Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 30.1% 0.98
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0414.html
Exploit
http://hackingspirits.com/vuln-rnd/vuln-rnd.html
Exploit
http://secunia.com/advisories/21865
Patch
Vendor Advisory
http://secunia.com/advisories/22882
Vendor Advisory
http://securitytracker.com/id?1016344
http://www.adobe.com/support/security/bulletins/apsb06-11.html
http://www.securiteam.com/windowsntfocus/5TP0M0KIUA.html
http://www.securityfocus.com/bid/18583
Exploit
http://www.securityfocus.com/bid/19980
Patch
http://www.us-cert.gov/cas/techalerts/TA06-318A.html
US Government Resource
http://www.vupen.com/english/advisories/2006/3573
Vendor Advisory
http://www.vupen.com/english/advisories/2006/3577
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4507
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069
https://exchange.xforce.ibmcloud.com/vulnerabilities/27312
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A538